Principal Vulnerability Management Engineer

Brightstar is an innovative, forward-thinking global leader in lottery that builds on our renowned expertise in delivering secure technology and producing reliable, comprehensive solutions for our customers. As a premier pure play global lottery company, our best-in-class lottery operations, retail and digital solutions, and award-winning lottery games enable our customers to achieve their goals, fulfill player needs and distribute meaningful benefits to communities. Brightstar has a well-established local presence and is a trusted partner to governments and regulators around the world, creating value by adhering to the highest standards of service, integrity, and responsibility. Brightstar has approximately 6,000 employees. For more information, please visit

Responsibilities

We are seeking a highly experienced Senior Vulnerability Management Engineer to lead the modernization and ongoing execution of our enterprise-wide vulnerability management program. This role requires both strategic leadership and deep technical expertise in vulnerability discovery, prioritization, and remediation across on-premises and cloud environments. You will work cross-functionally with security engineers, IT, DevOps, and compliance teams to strengthen our risk posture.

Key Responsibilities:

• Lead the end-to-end revamp of the enterprise continuous vulnerability management program, with a focus on automation, prioritization, and measurable risk reduction.
• Own the lifecycle of vulnerabilities-from discovery and validation to tracking and remediation-across endpoints, servers, containers, and cloud infrastructure.
• Deploy, manage, and optimize tools such as Tenable, CrowdStrike Exposure Management, SentinelOne Singularity Vulnerability Management, and Wiz for continuous asset and vulnerability visibility.
• Collaborate with infrastructure, cloud, and application security engineers to define scanning scopes, improve detection accuracy, and ensure secure configurations across environments.
• Deliver actionable reporting and metrics to senior leadership on vulnerability risk trends, SLA compliance, and remediation progress.
• Participate in security incident response as needed, especially in cases involving exploitation of known vulnerabilities.
• Continuously assess and improve threat prioritization strategies based on exploitability, asset criticality, and business risk.
• Serve as a subject matter expert on vulnerability management best practices, secure system baselining, and regulatory alignment.
• Mentor junior engineers and support a culture of continuous learning and collaboration across the security team.

Qualifications

• 5-8+ years of experience in vulnerability management, security engineering, or a related technical security field.
• Proven track record of leading or rebuilding enterprise-wide vulnerability management programs, with measurable improvements in coverage and risk reduction.
• Hands-on experience with modern VM tools: Tenable.sc/IO, CrowdStrike Falcon Exposure Management, SentinelOne Singularity VM, and Wiz for cloud-native environments.
• Deep understanding of vulnerability lifecycles, CVSS, exploitability frameworks, and prioritization strategies.
• Strong collaboration skills, with the ability to work cross-functionally with IT, DevOps, Compliance, and Security Architecture teams.
• Excellent communication skills, capable of translating technical findings into business risk and remediation plans for diverse audiences.

Keys to Success
Building collaborative relationships
Decision making
Drive results
Foster innovation
Personal energy
Self-leadership

#LI-KM1 #LI-USREMOTE

At Brightstar, we consider a wide range of factors in determining compensation, including background, skills, experience, and work location. These factors can cause your compensation to vary. The estimated starting compensation range is $74,961-164,800. The actual pay offered may end up being higher or lower. The Company will comply with all local pay requirements and collective bargaining agreements, where applicable.

Base pay is only one part of our Total Rewards program. Sales roles may be eligible for commission payments, while other roles are eligible for discretionary bonuses. In addition, we offer employees a 401(k) Savings Plan with Company contributions, health, dental, and vision insurance, life, accident, and disability insurance, tuition reimbursement, paid time off, wellness programs, and identity theft insurance. Note: programs are subject to eligibility requirements.

All Brightstar employees have a role in information security. Annual training will be assigned and required as appropriate.